e158096aa2eb875bbfe8a184d94bbe6edd91089c0cb02efc6e76a52b8d3753b6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

53561e0ae5c4b7f2d662cfb38c0782ec_JaffaCakes118
Size

14KB
Sample

241017-x8nxnasblf
MD5

53561e0ae5c4b7f2d662cfb38c0782ec
SHA1

e7ce822dc4a1fb32ca3f976d79aa28390be76bea
SHA256

e158096aa2eb875bbfe8a184d94bbe6edd91089c0cb02efc6e76a52b8d3753b6
SHA512

fff94892e7f20a6c564aa7d5cdf1ffd558e5ca4844b8a0c2d6fa656b1c8374e011006352e32e7d5fe0c8c81ba4557287691923e25cbac54f6a3486652812ee9e
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4Yhe:hDXWipuE+K3/SSHgxY

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  53561e0ae5c4b7f2d662cfb38c0782ec_JaffaCakes118
- Size
  
  14KB
- MD5
  
  53561e0ae5c4b7f2d662cfb38c0782ec
- SHA1
  
  e7ce822dc4a1fb32ca3f976d79aa28390be76bea
- SHA256
  
  e158096aa2eb875bbfe8a184d94bbe6edd91089c0cb02efc6e76a52b8d3753b6
- SHA512
  
  fff94892e7f20a6c564aa7d5cdf1ffd558e5ca4844b8a0c2d6fa656b1c8374e011006352e32e7d5fe0c8c81ba4557287691923e25cbac54f6a3486652812ee9e
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4Yhe:hDXWipuE+K3/SSHgxY
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2